mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-30 03:22:06 +01:00
correct for hash digest, move reference
This commit is contained in:
parent
00270a07e5
commit
43faca00e3
1 changed files with 5 additions and 5 deletions
|
@ -6,7 +6,7 @@ SPDX-License-Identifier: CC-BY-SA-4.0
|
|||
(zoom_certificates)=
|
||||
# Zooming in: Packet structure of certificates
|
||||
|
||||
Now that we've established the concepts and components that make up OpenPGP certificates , let's look at the internal details of an example certificate.
|
||||
Now that we've established the concepts and components that make up OpenPGP certificates, let's look at the internal details of an example certificate.
|
||||
|
||||
## A very minimal OpenPGP certificate
|
||||
|
||||
|
@ -341,19 +341,19 @@ This concludes the unhashed subpacket data.
|
|||
|
||||
This next section shows the remaining fields of this signature packet, which relate to the cryptographic digital signature:
|
||||
|
||||
- `digest_prefix: 0x6747`: the left 16 bits of the signed hash value
|
||||
- `digest_prefix: 0x6747`: the left 16 bits of the signed hash digest
|
||||
|
||||
- `salt_len, salt`: a random [salt value](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-advantages-of-salted-signat) with size [matching the hash algorithm](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#hash-algorithms-registry))
|
||||
|
||||
- `ed25519_sig`: [algorithm-specific](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-algorithm-specific-fields-for-ed2) representation of the signature (here: 64 bytes of Ed25519 signature)
|
||||
|
||||
The signature's hash is calculated from the following data:
|
||||
The hash digest is calculated from the following data (see [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC):
|
||||
|
||||
- the signature's salt
|
||||
- the serialized primary key's public data
|
||||
- the serialized direct key signature packet (excluding the unhashed area)
|
||||
|
||||
Refer to [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC for more details.
|
||||
The signature is derived from this hash digest.
|
||||
|
||||
(zoom_enc_subkey)=
|
||||
## Encryption subkey
|
||||
|
@ -509,7 +509,7 @@ The rest of the packet mirrors the *Direct Key Signature* discussed above:
|
|||
- a salt value
|
||||
- the cryptographic signature itself
|
||||
|
||||
The signature is calculated over a hash. In this case, the hash is derived from the following data:
|
||||
The signature is calculated over a hash digest. In this case, the hash digest is derived from the following data:
|
||||
|
||||
- the signature's salt
|
||||
- the serialized primary key's public data
|
||||
|
|
Loading…
Reference in a new issue